Proactive Agent Lite
ReviewAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill has no code or credentials, but it encourages automatic proactivity and long-term learning without clearly defining memory controls.
This skill does not include executable code or request credentials, so there is no evidence of malware or data exfiltration. The main issue is behavioral: it asks the agent to become proactive and remember information across sessions. Install it only if you are comfortable with persistent agent memory, and verify how to view, limit, and delete what the agent remembers.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may retain details from conversations and reuse them later, including private or incorrect information, without clear user controls.
The skill claims persistent cross-session memory, but the artifacts do not document storage location, retention, user review, deletion, or safeguards against saving sensitive or poisoned context.
- **Long-term memory**: Maintains continuity across sessions
Before installing, confirm how OpenClaw memory is stored and cleared. The maintainer should document what is saved, when memory is written, how to inspect/delete it, and how sensitive data is excluded.
The agent may offer ideas or next steps without being directly asked, which can be helpful but may not fit users who want strict task-following behavior.
The skill intentionally changes the agent from a passive responder into a more proactive assistant. This is disclosed and central to the purpose, but users should expect unsolicited suggestions or initiative.
Simply install and the agent will automatically begin exhibiting proactive characteristics.
Use conservative settings if available, and require confirmation before the agent takes any external or irreversible action.
Users could over-trust the privacy guarantee and share sensitive information that may be remembered or reused by the agent.
The README makes an absolute privacy claim, but the instruction-only artifacts do not show a concrete mechanism that guarantees this, especially while also claiming long-term memory.
- **Data protection**: Never exposes private information
Treat the privacy claim as aspirational unless the maintainer documents concrete memory, redaction, and data-handling controls.